Main Vulnerability Database Vulnerabilities #VU44401

Input validation error in Sun GlassFish Enterprise Server - CVE-2011-3564

Published: January 19, 2012 / Updated: August 11, 2020

Vulnerability identifier: #VU44401

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2011-3564

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Sun GlassFish Enterprise Server

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect confidentiality via unknown vectors related to Administration.

How to mitigate CVE-2011-3564

Install update from vendor's website.

Sources

http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

Input validation error in Sun GlassFish Enterprise Server - CVE-2011-3564

Detailed vulnerability description

How to mitigate CVE-2011-3564

Sources

Please verify you're human